Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 27, 2025, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194901	3.6	注意	Puppet	-	Puppet および Puppet Enterprise における任意のファイルを上書きされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1989	2012-07-26 14:07	2012-06-27	Show	GitHub Exploit DB Packet Storm

194902	3.5	注意	Puppet	-	Puppet および Puppet Enterprise におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2012-1987	2012-07-26 13:57	2012-05-29	Show	GitHub Exploit DB Packet Storm

194903	10	危険	Google サムスン	-	複数の製品の Chromebook プラットフォーム上で稼働する Google Chrome OS における脆弱性	CWE-noinfo 情報不足	CVE-2012-4050	2012-07-26 11:57	2012-07-23	Show	GitHub Exploit DB Packet Storm

194904	2.1	注意	Puppet	-	Puppet および Puppet Enterprise における任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1986	2012-07-25 17:54	2012-05-29	Show	GitHub Exploit DB Packet Storm

194905	5	警告	シマンテック	-	Symantec Web Gateway の管理コンソールにおける任意のパスワードを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2977	2012-07-25 16:23	2012-07-20	Show	GitHub Exploit DB Packet Storm

194906	7.5	危険	シマンテック	-	Symantec Web Gateway の管理コンソールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-2961	2012-07-25 16:19	2012-07-20	Show	GitHub Exploit DB Packet Storm

194907	7.5	危険	シマンテック	-	Symantec Web Gateway の管理コンソールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-2574	2012-07-25 15:39	2012-07-20	Show	GitHub Exploit DB Packet Storm

194908	4.4	警告	シマンテック	-	Symantec System Recovery および Backup Exec System Recovery における権限を取得される脆弱性	CWE-Other その他	CVE-2012-0305	2012-07-25 15:31	2012-07-20	Show	GitHub Exploit DB Packet Storm

194909	4	警告	Moodle	-	Moodle におけるサービス運用妨害 (CPU 資源の消費) の脆弱性	CWE-Other その他	CVE-2012-3398	2012-07-25 14:56	2012-07-23	Show	GitHub Exploit DB Packet Storm

194910	4	警告	Moodle	-	Moodle の lib/modinfolib.php におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3397	2012-07-25 14:55	2012-07-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 27, 2025, 4:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
611	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Multi Uploader for Gravity Forms allows Upload a Web Shell to a Web Server. This issue affects Multi Uploader for Gravity For…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2025-23921	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

612	-	-	-	Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Smallerik File Browser allows Upload a Web Shell to a Web Server. This issue affects Smallerik File Browser: from n/a through…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2025-23918	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

613	-	-	-	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Menus Plus+ allows SQL Injection. This issue affects Menus Plus+: from n/a through 1.9.6.	CWE-89 SQL Injection	CVE-2025-23910	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

614	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Download Codes allows Reflected XSS. This issue affects WP Download Codes: from n/a t…	CWE-79 Cross-site Scripting	CVE-2025-23882	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

615	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Block Pack allows Reflected XSS. This issue affects WP Block Pack: from n/a through 1…	CWE-79 Cross-site Scripting	CVE-2025-23874	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

616	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WordPress File Search allows Reflected XSS. This issue affects WordPress File Search: fr…	CWE-79 Cross-site Scripting	CVE-2025-23867	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

617	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound EU DSGVO Helper allows Reflected XSS. This issue affects EU DSGVO Helper: from n/a throu…	CWE-79 Cross-site Scripting	CVE-2025-23866	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

618	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kolja Nolte Flexible Blogtitle allows Reflected XSS. This issue affects Flexible Blogtitle: from …	CWE-79 Cross-site Scripting	CVE-2025-23846	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

619	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Contact Form 7 Round Robin Lead Distribution allows Reflected XSS. This issue affects Co…	CWE-79 Cross-site Scripting	CVE-2025-23812	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm

620	-	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP2APP allows Reflected XSS. This issue affects WP2APP: from n/a through 2.6.2.	CWE-79 Cross-site Scripting	CVE-2025-23811	2025-01-23 00:15	2025-01-23	Show	GitHub Exploit DB Packet Storm